Forum Discussion

Nimbostratus

Jun 03, 2018

Secure & HTTP Only Flag on Cookie

Hi Everyone, I' m confused about secure and http only flag in cookie persistence. I have tried several things in my test environment and results as follows; When i use default cookie persis...

application delivery

LTM

Stanislas_Piro2

Cumulonimbus

Jun 04, 2018

Hi,

Flags are only in response, not in requests...

These flags are to define when use the cookie.

If persistence is define without expiration time, it is a session cookie which mean there is no need to send in each responses if the client sent it and the value is still the same.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Secure & HTTP Only Flag on Cookie

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

After upgrading from PeopleTools 8.59.11 to 8.61.11 F5 APM is not rewriting the internal URLs

F5 BIG IP laboratory license

F5 mssql health monitor failing

How can I get started with iCall

Connection Rest f5

Related Content

HTTP Multipart and Security Implications

Quarterly Security Notification October 2025

Increased Security With First Party Cookies

Positive Security vs. Negative Security: A Comparison Using F5's Security Portfolio

BIG-IP security hardening and compliance checks

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS